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IN THE CLAIMS; 

Please reconsider the claims as follows: 

LISTING OF THE CLAIMS; 

1 . (previously presented) A method, comprising: 

identifying a set of virtual private network (VPN) customers, at least one mobile 
access point (MAP) and at least one customer premise equipment (CPE) associated with 
each VPN customer, and at least one Internet Protocol (IP) service gateway (IPSG) for 
facilitating VPN tunneling between a MAP and a CPE, wherein each MAP is 
geographically remote from each IPSG; and 

selecting a subset of IPSGs to maximize total profit resulting from provisioning a 
subset of VPN customers on the selected IPSGs, wherein said total profit from all the 
customers comprises the sum of profits from each customer (/), where for each customer 
profit (if) equals weighted revenue {J V 1 ) less cost (C\ (lf=f V-C 1 ), wherein said cost 
per customer comprises a total tunnel bandwidth cost (C l c ) from said MAP to said CPE, 
and a cost (CV) of provisioning an IPSG node. 

2. (original) The method of claim 1, wherein 7 represents relative weight of 
revenue compared to total cost for customer /. 

3. (original) The method of claim 1, wherein said total tunnel bandwidth cost 
comprises a dynamic tunnel bandwidth cost between said MAP and said provisioned 
IPSG, and a static tunnel bandwidth cost between said provisioned IPSG and said CPE. 

4. (original) The method of claim 1, wherein only a single tunnel is established 
between said provisioned IPSG and said CPE, even during instances where traffic from 
multiple MAPs are going through said provisioned IPSG to reach said CPE. 
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5. (original) The method of claim 1, wherein in an instance said provisioned IPSG 
sends traffic to more than one CPE, said provision cost is counted only once. 

6. (original) The method of claim 1 , wherein said cost per customer / is determined 



by C' = ^ c'y + /3 ^d'jk \ + oc^fj-y'j , where c l y is a bandwidth cost associated 



with sending traffic from a MAP node i to an IPSG node j, c? Jk is a bandwidth cost 
associated with sending traffic from said IPSG node j to said CPE node k, /? represents a 
weighing factor with respect to said shared static tunnel,^ is a provisioning cost 
associated with using said IPSG node j , y'j is a binary variable denoting whether said 
IPSG j is provisioned for a provisioned customer to send traffic to at least one of its 
CPEs, and a is a weighing factor for provision cost over total bandwidth cost. 

7. (original) The method of claim 6, wherein said bandwidth cost (c'y) associated 
with sending traffic from a MAP node i to an IPSG node j comprises the product of unit 
bandwidth cost (ay) between said MAP node i and said IPSG node j, and a sum of traffic 

^ ^ s l yk , Vz s P, V/' e Q j from MAP node i to said CPE node k that is directed through 

IPSG node j. 

8. (original) The method of claim 6, wherein said bandwidth cost (d^*) associated 
with sending traffic from an IPSG node j to a CPE node k comprises the product of unit 
bandwidth cost (e l jk) between said IPSG node j and said CPE node k, and a total amount 

of traffic £ s l i jk , Vy eQ,VkeR, from MAP node i to said CPE node k that is directed 





through IPSG node j. 
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9. (original) The method of claim 6, wherein said total amount of traffic ^^s'ly* j 

from MAP node i to said IPSG node j is less than or equal to total bandwidth capacity 
(gij) between said MAP node i and said IPSG node j. 

1 0. (original) The method of claim 6, wherein said total amount of traffic ^EX 4 * j 

from said IPSG node j to said CPE node k is less than or equal to total bandwidth capacity 
(h l jk) between said IPSG node j and said CPE node k. 

1 1 . (previously presented) A virtual private network (VPN) system architecture, 
comprising: 

means for identifying a set of virtual private network (VPN) customers, at least 
one mobile access point (MAP) and at least one customer premise equipment (CPE) 
associated with each VPN customer, and at least one Internet Protocol (IP) service 
gateway (IPSG) for facilitating VPN tunneling between a MAP and a CPE, wherein each 
MAP is geographically remote from each IPSG; and 

means for selecting a subset of IPSGs to maximize total profit resulting from 
provisioning a subset of VPN customers on the selected IPSGs, wherein said total profit 
from all the customers comprises the sum of profits from each customer (/), where for 
each customer profit (if) equals weighted revenue ( ^ V 1 ) less cost (C l ), (lf= ? V*-C l ), 
wherein said cost per customer comprises a total tunnel bandwidth cost (C c) from said 
MAP to said CPE, and a cost (CV) of provisioning an IPSG node. 

12. (previously presented) The system architecture of claim 11, wherein 7 represents 
relative weight of revenue compared to total cost for customer /. 

1 3 . (previously presented) The system architecture of claim 1 1 , wherein said total 
tunnel bandwidth cost comprises a dynamic tunnel bandwidth cost between said MAP 
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and said provisioned IPSG, and a static tunnel bandwidth cost between said provisioned 
IPSG and said CPE. 

14. (previously presented) The system architecture of claim 11, wherein only a single 
tunnel is established between said provisioned IPSG and said CPE, even during instances 
where traffic from multiple MAPs are going through said provisioned IPSG to reach said 
CPE. 

15. (previously presented) The system architecture of claim 11, wherein in an instance 
said provisioned IPSG sends traffic to more than one CPE, said provision cost is counted 
only once. 

1 6. (previously presented) The system architecture of claim 1 1 , wherein said cost per 
customer / is determined by C l = ^c'y+fi ^d'jk l + a^fjy'j , where c'yis a 



bandwidth cost associated with sending traffic from a MAP node i to an IPSG node j, djk 
is a bandwidth cost associated with sending traffic from said IPSG node j to said CPE 
node k, f5 represents a weighing factor with respect to said shared static tunnel, fj is a 
provisioning cost associated with using said IPSG node, y l j is a binary variable denoting 
whether said IPSG j is provisioned for a provisioned customer to send traffic to at least 
one of its CPEs, and a is a weighing factor for provision cost over total bandwidth cost. 

1 7. (previously presented) The system architecture of claim 1 6, wherein said 
bandwidth cost (c l y) associated with sending traffic from a MAP node i to an IPSG node j 
comprises the product of unit bandwidth cost (ay) between said MAP node i and said 



IPSG node j, and a sum of traffic £ s'p, Vi eP.Vyeg from MAP node i to said CPE 





node k that is directed through IPSG node j. 
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1 8 . (previously presented) The system architecture of claim 1 6, wherein said 
bandwidth cost associated with sending traffic from an IPSG node j to a CPE node k 
comprises the product of unit bandwidth cost (e l Jk ) between said IPSG node j and said 

CPE node k, and a total amount of traffic ^X" 5 '"* > ^ e Q, V£ e /?, j from MAP node i to 

said CPE node k that is directed through IPSG node j. 

1 9. (previously presented) The system architecture of claim 1 6, wherein said total 
amount of traffic from MAP node /' to said IPSG node j is less than or equal to 
total bandwidth capacity (gjj) between said MAP node i to said IPSG node j. 

20. (previously presented) The system architecture of claim 16, wherein said total 
amount of traffic ^ s 'v k j fr° m sa id Ip SG node j to said CPE node k is less than or 
equal to total bandwidth capacity (h l jk) between said IPSG node j and said CPE node k. 

21 . (original) The system architecture of claim 11, wherein said MAPs provide 
dynamic switching and routing of data connections, while said IPSGs provide VPN 
services. 

22. (previously presented) A computer readable medium for storing instructions that, 
when executed by a processor, perform a method for optimally provisioning connectivity 
for network-based mobile virtual private network (VPN) services, comprising: 

identifying a set of virtual private network (VPN) customers, at least one mobile 
access point (MAP) and at least one customer premise equipment (CPE) associated with 
each VPN customer, and at least one Internet Protocol (IP) service gateway (IPSG) for 
facilitating VPN tunneling between a MAP and a CPE, wherein each said MAP is 
geographically remote from each said IPSG; and 



1013582_2 



Serial No. 10/772,080 
Page 7 of 16 

selecting a subset of IPSGs to maximize total profit resulting from provisioning a 
subset of VPN customers on the selected IPSGs, wherein said total profit from all the 
customers comprises the sum of profits from each customer (7), where for each customer 
profit (if) equals weighted revenue (J V 1 ) less cost (C 1 ) (lf=? V'-C 1 ), wherein said cost 
per customer comprises a total tunnel bandwidth cost (C l c) from said MAP to said CPE, 
and a cost (C l v ) of provisioning an IPSG node. 
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